Title: Shortcodes in comment fields Last modified: May 8, 2018 --- # Shortcodes in comment fields * Resolved [son goku](https://wordpress.org/support/users/son-goku-1/) * (@son-goku-1) * [8 years, 1 month ago](https://wordpress.org/support/topic/shortcodes-in-comment-fields/) * Hello, * I am wondering how can I add a country shortcode into comment field. * `[geoip_detect2 property="country"]` * From what I noticed comment field has to be a wysiwyg field (not text as it is by default). Is there any other way to do this? By custom php function or so? * Regards, Michal Viewing 9 replies - 1 through 9 (of 9 total) * [Benjamin Pick](https://wordpress.org/support/users/benjamin4/) * (@benjamin4) * [8 years, 1 month ago](https://wordpress.org/support/topic/shortcodes-in-comment-fields/#post-10258990) * Yes, there is – simply add `do_shortcode` as a filter. (This is what I do for widgets) However, why would you allow your users to use shortcodes? Maybe it makes more sense to add it to your theme’s template? * Thread Starter [son goku](https://wordpress.org/support/users/son-goku-1/) * (@son-goku-1) * [8 years, 1 month ago](https://wordpress.org/support/topic/shortcodes-in-comment-fields/#post-10259003) * something like that? * `add_filter( 'comment_text', 'do_shortcode' );` - This reply was modified 8 years, 1 month ago by [son goku](https://wordpress.org/support/users/son-goku-1/). * [Benjamin Pick](https://wordpress.org/support/users/benjamin4/) * (@benjamin4) * [8 years, 1 month ago](https://wordpress.org/support/topic/shortcodes-in-comment-fields/#post-10259198) * Depends if you want to get the country of the poster or of the viewer? See [https://core.trac.wordpress.org/ticket/24913](https://core.trac.wordpress.org/ticket/24913) * But check if the shortcodes that are available on your side are XSS-safe, i.e. that you cannot circumvent the HTML and JS sanitation or shortcodes that may disclose private information/links – shortcodes are not meant to be used by any website users, normally only editors can use them. * Thread Starter [son goku](https://wordpress.org/support/users/son-goku-1/) * (@son-goku-1) * [8 years, 1 month ago](https://wordpress.org/support/topic/shortcodes-in-comment-fields/#post-10259589) * Displayed city / country should be different for each viewer. * Don’t worry. I am the only person who will paste shortcodes. I will edit one comment from many on a single page and add country / city name. * I’m just trying to mage geoip work with comment field – that’s all. * So is my shortcode proper and safe? * Thread Starter [son goku](https://wordpress.org/support/users/son-goku-1/) * (@son-goku-1) * [8 years, 1 month ago](https://wordpress.org/support/topic/shortcodes-in-comment-fields/#post-10263462) * any reply on that? * [Benjamin Pick](https://wordpress.org/support/users/benjamin4/) * (@benjamin4) * [8 years, 1 month ago](https://wordpress.org/support/topic/shortcodes-in-comment-fields/#post-10265386) * > Don’t worry. I am the only person who will paste shortcodes. * Because 1) others can’t post comments or because they 2) don’t know they can post shortcodes? If 2, this is called “security by obscurity” and well, it’s not really security because a bot can crawl the internet and try out everything. * For my shortcode: I have fiddled around a bit and couldn’t “hack” it, but I can’t guarantee it either. * And then, which shortcodes are possible on your sites mainly depend on the plugins you are using … in the worst case it can not only add HTML or JS to your site, but even execute code on your server. * So anyway, this is how you _could_ do it but it would be more secure to add the shortcode to your template code or so: `echo do_shortcode('[geoip_detect2 property ="country"]');` * Thread Starter [son goku](https://wordpress.org/support/users/son-goku-1/) * (@son-goku-1) * [8 years, 1 month ago](https://wordpress.org/support/topic/shortcodes-in-comment-fields/#post-10265401) * I have 2 spam/security plugins which does not allow 100% of bots to write comments so that’s not the case * so what will your shortcode do if I paste it in my child theme’s function’s php file? * `echo do_shortcode('[geoip_detect2 property="country"]');` * will it allow to add [geoip_detect2 property=”country”] in comment field or what? Could you be more specific? * [Benjamin Pick](https://wordpress.org/support/users/benjamin4/) * (@benjamin4) * [8 years, 1 month ago](https://wordpress.org/support/topic/shortcodes-in-comment-fields/#post-10265464) * My plugin is mainly aimed at plugin and theme developers, I cannot give free support for all sites. * This code should not go in the functions.php but in comment-single.php or so ( depending on your theme) at the place where the shortcode’s result should be shown. It will execute the shortcode and place the text at this exact location. This was just an idea on how to avoid enabling this for comments so that you can decrease the risks. I can only inform about the risks … * Thread Starter [son goku](https://wordpress.org/support/users/son-goku-1/) * (@son-goku-1) * [8 years, 1 month ago](https://wordpress.org/support/topic/shortcodes-in-comment-fields/#post-10266091) * [https://wordpress.org/support/topic/shortcodes-in-comment-fields/](https://wordpress.org/support/topic/shortcodes-in-comment-fields/) addon helped Viewing 9 replies - 1 through 9 (of 9 total) The topic ‘Shortcodes in comment fields’ is closed to new replies. * ![](https://ps.w.org/geoip-detect/assets/icon-256x256.jpg?rev=978998) * [Geolocation IP Detection](https://wordpress.org/plugins/geoip-detect/) * [Frequently Asked Questions](https://wordpress.org/plugins/geoip-detect/#faq) * [Support Threads](https://wordpress.org/support/plugin/geoip-detect/) * [Active Topics](https://wordpress.org/support/plugin/geoip-detect/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/geoip-detect/unresolved/) * [Reviews](https://wordpress.org/support/plugin/geoip-detect/reviews/) * 9 replies * 2 participants * Last reply from: [son goku](https://wordpress.org/support/users/son-goku-1/) * Last activity: [8 years, 1 month ago](https://wordpress.org/support/topic/shortcodes-in-comment-fields/#post-10266091) * Status: resolved